Accused owner of 'BlackShades' malware near guilty plea -filing

NEW YORK, Feb 2 (Reuters) - A Swedish man who U.S. authorities say helped create malicious software used to hack half a million computers worldwide is expected to plead guilty in New York next week, according to a court filing.

Alex Yucel, 24, the alleged owner of BlackShades, has reached a plea deal in principle, according to a document filed by federal prosecutors on Monday. BlackShades sold software that gave hackers remote control of other people’s computers, allowing them to record keystrokes, steal passwords and gain access to personal files, according to authorities.

“We anticipate that the plea agreement will be executed by the end of this week,” Assistant U.S. Attorney Sarah Lai wrote to U.S. District Judge P. Kevin Castel, asking him to set a date next week for a possible guilty plea.

Yucel was arrested in November 2013 in Moldova, part of a global crackdown on the software and its users, and later extradited to the United States. He ran BlackShades under the alias “marjinz,” authorities said, paying a marketing director and a team of customer service representatives to bolster his business.

His defense lawyer could not immediately be reached for comment.

In May 2014, U.S. and European authorities announced the arrest of about 100 people in connection with BlackShades.

U.S. prosecutors said the organization had sold a program called the “Remote Access Tool,” or RAT, to thousands of users in more than 100 countries since 2010.

The inexpensive software was used in some cases to take over computers’ cameras to spy on their owners, prosecutors said. Other hackers froze people’s computers and sent ransom notes demanding payment before they would unlock the machines, authorities said.

“For just $40, BlackShades’ RAT enabled anyone, anywhere in the world, to become a dangerous cyber criminal,” Manhattan U.S. Attorney Preet Bharara told reporters at a press conference announcing the sweep in May.

The investigation into BlackShades grew out of a separate cybercrime sting by the FBI, “Operation Card Shop,” in which authorities created a fake website to ensnare criminals seeking to buy and sell credit card numbers.

One of those arrested in that probe, Arizona resident Michael Hogue, turned out to be the co-creator of BlackShades’ RAT and agreed to cooperate with the government as part of a plea agreement, according to court documents. (Reporting by Joseph Ax; Editing by Bernard Orr)